path: root/iptables/nft-bridge.c
diff options
authorPhil Sutter <>2019-08-20 21:41:12 +0200
committerPhil Sutter <>2019-11-25 23:30:56 +0100
commit1e8ef6a5847549af6fa2edc4fd642cf259ef2ba1 (patch)
tree0595a523a02a2c06dbb3d4a2a17735e385080607 /iptables/nft-bridge.c
parent7dc64022bb8dfecb737fbf4aa02e6464b80e2eae (diff)
nft: family_ops: Pass nft_handle to 'rule_to_cs' callback
This is the actual callback used to parse nftables rules. Pass nft_handle to it so it can access the cache (and possible sets therein). Having to pass nft_handle to nft_rule_print_save() allows to simplify it a bit since no family ops lookup has to be done anymore. Signed-off-by: Phil Sutter <> Acked-by: Pablo Neira Ayuso <>
Diffstat (limited to 'iptables/nft-bridge.c')
1 files changed, 5 insertions, 4 deletions
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index b0c6c5a4..20ce92a6 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -333,11 +333,12 @@ static void nft_bridge_parse_target(struct xtables_target *t, void *data)
cs->target = t;
-static void nft_rule_to_ebtables_command_state(const struct nftnl_rule *r,
+static void nft_rule_to_ebtables_command_state(struct nft_handle *h,
+ const struct nftnl_rule *r,
struct iptables_command_state *cs)
cs->eb.bitmask = EBT_NOPROTO;
- nft_rule_to_iptables_command_state(r, cs);
+ nft_rule_to_iptables_command_state(h, r, cs);
static void print_iface(const char *option, const char *name, bool invert)
@@ -480,7 +481,7 @@ static void nft_bridge_print_rule(struct nft_handle *h, struct nftnl_rule *r,
if (format & FMT_LINENUMBERS)
printf("%d ", num);
- nft_rule_to_ebtables_command_state(r, &cs);
+ nft_rule_to_ebtables_command_state(h, r, &cs);
nft_bridge_save_rule(&cs, format);
@@ -544,7 +545,7 @@ static bool nft_bridge_rule_find(struct nft_handle *h, struct nftnl_rule *r,
struct iptables_command_state this = {};
bool ret = false;
- nft_rule_to_ebtables_command_state(r, &this);
+ nft_rule_to_ebtables_command_state(h, r, &this);
DEBUGP("comparing with... ");